Over the years the author has used the expression ‘this is my truth, tell me yours’ many times as a first slide in a presentation deck. It comes from Nye Bevan, father of the UK National Health Service, who used it on several occasions. It reflects the fact that anything I deliver is by definition subjective, based on how I see the world/IoT market/etc.
Never is this truer than when talking about take-aways from trade shows. In quick succession the author attended Mobile World Congress in Barcelona and Embedded World in Nuremberg. As discussed with people at the shows, I barely see a news release during the week, nor do I attend many sessions other than those I’m actively speaking at. So my view of the trends is based on dozens of meetings and many more conversations over the week. The ability to triangulate so many diverse perspectives on IoT connectivity in such a short period of time is invaluable. The result is that my views tend towards the macro-level rather than “this is an interesting product” or “we expect big things of such-and-such technology”. Mostly.
Historically, the mobile and IoT industries have cycled through a series of dominant themes, including IoT itself, low-power wide-area networks, 5G, satellite connectivity and eSIM. In 2026, however, no equivalent breakthrough emerged. Artificial intelligence remains the most widely referenced topic, yet its practical impact on cellular IoT deployments is still developing. Some vendors increasingly refer to IoT as “physical AI,” reflecting the role connected devices play in generating real-world data that feeds AI models. In practice, however, the industry is still exploring how this relationship translates into scalable commercial deployments, although analytics and anomaly detection are improving. Meanwhile, the underlying connectivity technologies, such as 5G standalone networks, non-terrestrial networks (NTN - on which I moderated a panel) and eSIM standard evolution, continue to mature incrementally rather than dramatically altering market dynamics. Oftne being bogged down in the practicalities of commercialisation and operations once the technology has been fully baked.
One of the clearest shifts emerging from industry discussions is the growing importance of distributed infrastructure. As IoT deployments generate larger data volumes and increasingly support real-time applications, the traditional approach of centralised data routing is becoming less practical. Instead, enterprises and connectivity providers are focusing on localised processing and distributed packet gateways that enable data to be handled closer to the device. This approach reduces latency, lowers backhaul requirements and helps address regulatory constraints around data localisation.
This trend is also reshaping how connectivity providers position themselves. Rather than simply selling SIM cards and data plans, many are evolving toward the role of infrastructure operators delivering global, distributed connectivity platforms. Companies such as Aeris, floLIVE and Stacuity are examples of firms supporting these globally distributed architectures.
The shift brings the IoT connectivity sector closer to enterprise IT architecture models, particularly those resembling content delivery networks. In such an environment, connectivity becomes an enabling layer within a broader infrastructure platform rather than a standalone service.
I explored many of these topics in a recent blog post ‘What does greater ‘localisation’ mean for IoT delivery?’ and a recent Transforma Insights report ‘Evolving approaches to traffic management for international roaming’ (February, 2026) examines the dynamics of new approaches.
Security considerations are increasingly intertwined with this infrastructure model. Large fleets of connected devices introduce new risks, particularly when devices sit outside traditional enterprise security frameworks.
Partnerships with security vendors are also emerging to bridge the gap between IoT networks and enterprise security environments. A collaboration between Aeris and Palo Alto Networks integrates IoT connectivity with secure access service edge architectures, allowing enterprises to apply consistent security policies across both IT infrastructure and wireless IoT devices.
This type of integration highlights a broader trend toward convergence between enterprise IT security and operational technology networks. As connected devices increasingly become part of critical infrastructure and industrial environments, organisations are seeking unified architectures that cover both domains.
Many, of not most, of the conversations at Mobile World Congress are with connectivity providers, the MNOs and IoT-focused MVNOs. This kicks off on the Sunday night with Transforma Insights’ MWC IoT CEO Dinner.
Those many conversations across the week with those players reflected a notable theme: the increasing maturity of the IoT connectivity ecosystem. The competitive landscape is shifting away from basic connectivity toward differentiated capabilities.
Some providers are focusing on global infrastructure reach, as noted above. Others are emphasising vertical expertise, enterprise integration capabilities or specialised resilience features. Companies such as emnify are building global connectivity platforms capable of operating across hundreds of mobile networks worldwide.
For traditional mobile network operators, differentiation often lies in leveraging existing assets. Network ownership, distribution channels and enterprise relationships allow them to bundle connectivity with broader enterprise services, such as managed gateways, video analytics platforms and vertical industry solutions.
Many similar themes were highlighted in our Communications Service Provider IoT Peer Benchmarking Report, published in October 2025, a summary of which can be found here: 'New Transforma Insights study identifies market leaders and key trends in IoT connectivity'
Regulation is also emerging as a major factor shaping the IoT landscape. In particular, the European Union’s Cyber Resilience Act introduces stringent cybersecurity obligations for products with digital elements. The regulation requires manufacturers to design products with security in mind, address vulnerabilities throughout the lifecycle and establish processes for reporting and remediating security incidents. Non-compliance may result in significant financial penalties.
Despite its importance, awareness of the regulation across the industry appears uneven. Discussions at Embedded World suggested stronger engagement with the topic among hardware manufacturers than among connectivity providers and mobile operators. However, as implementation deadlines approach, compliance is likely to become a critical priority for organisations building or deploying connected products within European markets.
For those not familiar with the CRA, more details can be found in the CRA entry in the Transforma Insights Regulatory Database.
Taken together, the themes emerging from Mobile World Congress and Embedded World suggest the IoT connectivity market is entering a new phase of maturity. The conversation is shifting away from individual technologies toward the broader architecture required to support global deployments, and a pivot into the enterprise networking and IT domains.
Distributed infrastructure, integrated security, regulatory readiness and differentiated service capabilities are becoming central to the competitive landscape. Connectivity itself remains essential, but it is increasingly embedded within a wider ecosystem of infrastructure, platforms and enterprise services.
In that sense, the future of IoT connectivity may look less like a traditional telecom service and more like a globally distributed data delivery platform, one designed to support the growing intersection of physical systems, digital infrastructure and artificial intelligence.
The extended version of this blog post is available as a report for subscribers to Transforma Insights’ Advisory Service: ‘Mobile World Congress and Embedded World 2026: technology takes a back seat to commercial models and regulation’ (March, 2026).
